12 matches found
CVE-2010-0359
Buffer overflow in the SSLv2 support in Zeus Web Server before 4.3r5 allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via a long string in an invalid Client Hello message...
Design/Logic Flaw
OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and more recent SSL and TLS versions then a check is made for a version rollback attack when unpadding an RSA signature. Clients that support SSL or TLS versions greater th...
CVE-2021-23839
OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and more recent SSL and TLS versions then a check is made for a version rollback attack when unpadding an RSA signature. Clients that support SSL or TLS versions greater th...
CVE-2021-23839
CVE-2021-23839 describes a padding-check logic error in OpenSSL 1.0.2 (affecting 1.0.2s–1.0.2x) where RSA_padding_check_SSLv23() mis-handles SSLv2 rollback protection. The bug causes a server configured for SSLv2 in combination with newer TLS versions to accept connections when a version-rollback...
CVE-2021-23839
OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and more recent SSL and TLS versions then a check is made for a version rollback attack when unpadding an RSA signature. Clients that support SSL or TLS versions greater th...
sslv2-drown NSE Script
Determines whether the server supports SSLv2, what ciphers it supports and tests for CVE-2015-3197, CVE-2016-0703 and CVE-2016-0800 DROWN Script Arguments tls.servername See the documentation for the tls library. smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername See the...
CVE-2016-1853
Tcl in Apple OS X before 10.11.5 allows remote attackers to obtain sensitive information by leveraging SSLv2 support...
Information disclosure
Tcl in Apple OS X before 10.11.5 allows remote attackers to obtain sensitive information by leveraging SSLv2 support...
CVE-2016-1853
Tcl in Apple OS X before 10.11.5 allows remote attackers to obtain sensitive information by leveraging SSLv2 support...
SSL DROWN Attack Vulnerability (Decrypting RSA with Obsolete and Weakened eNcryption)
Binary data 801962.prm...
MGASA-2015-0156 Updated mono packages fix security vulnerabilities
A TLS impersonation attack was discovered in Mono's TLS stack by researchers at Inria CVE-2015-2318. During checks on the TLS stack, they have discovered two further issues which have been fixed, a vulnerability to a protocol downgrade attack CVE-2015-2319 and SSLv2 support still being available...
CVE-2007-0009
Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services NSS before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System server products before 20070611, allows remote...